vanitasvitae/openpgp-notes
1
0
Fork 0
mirror of https://codeberg.org/openpgp/notes.git synced 2025-09-10 11:49:40 +02:00
Code Issues Projects Releases Packages Wiki Activity

Extract TODOs as tickets

Browse source 
Signed-off-by: David Runge <dave@sleepmap.de>
This commit is contained in:
David Runge 2023-12-12 20:07:18 +01:00
parent 910b4f9976
commit a17a3a30f2
No known key found for this signature in database
GPG key ID: 90D4B9641E092971
14 changed files with 21 additions and 147 deletions
Download patch file Download diff file Expand all files Collapse all files

15
book/source/decryption.md
View file

@ -21,15 +21,6 @@ If no suitable PKESK packets were found, SKESK packets are tried next, meaning t
Once any of these methods succeeded, the resulting *session key* is used to decrypt the SEIPD packet.
```{admonition} TODO
:class: warning
- using expired certificate?
- using revoked certificate?
- using expired subkey?
- using revoked subkey?
```
## Passphrase-protected session key (SKESK)
Decrypting a SKESK packet to recover the *session key* is done by performing the encryption steps in reverse, based on a user-provided passphrase.
@ -137,12 +128,6 @@ The cipher algorithm is either extracted from the decrypted session key (the alg
Once the cipher is initialized, the whole encrypted data from the SEIPD packet is decrypted.
```{admonition} TODO
:class: warning
Describe the MDC which is used for modification detection.
```
```{figure} plain_svg/SEIPDv1-decryption.svg
:name: fig-decryption-seipd1
:alt: Depicts how the session key is used directly to decrypt the contents of the SEIPD packet.